The disclosed computer-implemented method for identifying security risks posed by application bundles may include (i) intercepting, using a VPN client of the computing device, network traffic of the computing device, wherein an operating system of the computing device restricts applications into a sandboxed environment, (ii) storing, on the computing device, a copy of at least a portion of the network traffic of the computing device within a sandbox associated with the VPN client, (iii) identifying, by analyzing the copy of the network traffic, an application bundle within the network traffic, (iv) determining, by analyzing the application bundle in the sandbox associated with the VPN client, that the application bundle poses a security risk, and (v) in response to determining that the application bundle poses a security risk, performing a security action to remedy the security risk. Various other methods, systems, and computer-readable media are also disclosed.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
2. The computer-implemented method of claim 1, wherein the security action comprises generating and displaying, to a user of the computing device, a notification that identifies the security risk.
5. The computer-implemented method of claim 4, wherein the data associated with the application bundle includes at least one of a domain name, a declared permission requested by the application bundle, a dynamically linked library, a security setting, or a declared reason for an application executing in a background of the computing device.
6. The computer-implemented method of claim 4, further comprising presenting, based on the data associated with the application bundle, a summary of potential risks associated with the application bundle.
9. The system of claim 8, wherein the security action comprises generating and displaying, to a user of the computing device, a notification that identifies the security risk.
12. The system of claim 11, wherein the data associated with the application bundle includes at least one of a domain name, a declared permission requested by the application bundle, a dynamically linked library, a security setting, or a declared reason for an application executing in a background of the computing device.
13. The system of claim 11, wherein the computer-executable instructions further cause the computing device to present, based on the data associated with the application bundle, a summary of potential risks associated with the application bundle.
16. The non-transitory computer-readable medium of claim 15, wherein the security action comprises generating and displaying, to a user of the computing device, a notification that identifies the security risk.
A system for detecting and mitigating security risks in computing devices involves monitoring device activity to identify potential threats. The system analyzes data from various sources, such as system logs, network traffic, and application behavior, to detect anomalies or malicious patterns. When a security risk is identified, the system performs a security action to address the threat. One such action includes generating and displaying a notification to the user, alerting them to the identified security risk. The notification provides details about the nature of the risk, allowing the user to take appropriate measures. This proactive approach helps users recognize and respond to potential security breaches, enhancing overall device security. The system may also include additional features, such as automated remediation steps or logging the incident for further analysis. By providing clear and timely notifications, the system empowers users to maintain a secure computing environment.
19. The non-transitory computer-readable medium of claim 18, wherein the data associated with the application bundle includes at least one of a domain name, a declared permission requested by the application bundle, a dynamically linked library, a security setting, or a declared reason for an application executing in a background of the computing device.
20. The non-transitory computer-readable medium of claim 18, wherein the computer-executable instructions further cause the computing device to present, based on the data associated with the application bundle, a summary of potential risks associated with the application bundle.
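The following is an added example, not code from the patent or its assignee, sketching steps (iii) and (iv) of the abstract and the data categories listed in claims 5, 12 and 19. It assumes the application bundle is an iOS-style ZIP archive with a `Payload/<name>.app/Info.plist` manifest, a format the page does not name; the function names, the sample capture and the two risk rules are hypothetical.

```python
import io, plistlib, zipfile

ZIP_MAGIC = b"PK\x03\x04"  # local-file-header signature that starts a ZIP archive

def build_sample_capture():
    """Constructed sample: an HTTP response whose body is a tiny .ipa-style ZIP."""
    info = {
        "NSCameraUsageDescription": "Scan codes",
        "UIBackgroundModes": ["location"],
        "NSAppTransportSecurity": {"NSAllowsArbitraryLoads": True,
                                   "NSExceptionDomains": {"tracker.example": {}}},
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Payload/Demo.app/Info.plist", plistlib.dumps(info))
        z.writestr("Payload/Demo.app/Frameworks/libextra.dylib", b"\x00")
    return b"HTTP/1.1 200 OK\r\nContent-Type: application/octet-stream\r\n\r\n" + buf.getvalue()

def find_bundle(capture):
    """Step (iii): locate a ZIP-packaged bundle in the stored copy, or return None."""
    start = capture.find(ZIP_MAGIC)
    if start < 0:
        return None
    try:
        return zipfile.ZipFile(io.BytesIO(capture[start:]))
    except zipfile.BadZipFile:  # truncated or partial transfer
        return None

def analyze_bundle(bundle):
    """Step (iv): pull the claim-5 data from Info.plist and apply hypothetical rules."""
    names = bundle.namelist()
    plist = next((n for n in names if n.count("/") == 2 and n.endswith(".app/Info.plist")), None)
    if plist is None:
        return None
    info = plistlib.loads(bundle.read(plist))
    ats = info.get("NSAppTransportSecurity", {})
    data = {
        "permissions": sorted(k for k in info if k.endswith("UsageDescription")),
        "background_modes": list(info.get("UIBackgroundModes", [])),
        "domains": sorted(ats.get("NSExceptionDomains", {})),
        "dylibs": sorted(n.rsplit("/", 1)[-1] for n in names if n.endswith(".dylib")),
        "arbitrary_loads": bool(ats.get("NSAllowsArbitraryLoads", False)),
    }
    risks = []  # the summary of potential risks (claim 6); rules are illustrative
    if data["arbitrary_loads"]:
        risks.append("App Transport Security disabled (NSAllowsArbitraryLoads)")
    if data["background_modes"]:
        risks.append("Declared background execution: " + ", ".join(data["background_modes"]))
    return data, risks

if __name__ == "__main__":
    print(analyze_bundle(find_bundle(build_sample_capture())))
```

A capture that holds no archive, or only part of one, yields `None` from `find_bundle`, so the caller can skip analysis instead of acting on incomplete data.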
December 20, 2019
October 4, 2022